Expert analysis
It only takes one over-privileged identity to do major damage to a cloud
While moving to the cloud increases efficiency and business agility, security strategies haven’t been adapted to account for this shift and traditional tools can’t effectively …
Foiling intellectual property theft in a digital-first world
In today’s data-driven world, the expectations and demands faced by many organizations worldwide are reaching unseen levels. To meet the challenge, a data-driven approach is …
The top security threats to GraphQL APIs and how to address them
Enterprises looking to modernize their APIs are increasingly switching from the REST architecture to the open-source data query and manipulation language GraphQL. While the …
ChatGPT is bringing advancements and challenges for cybersecurity
Understanding why ChatGPT is garnering so much attention takes a bit of background. Up until recently, AI models have been quite “dumb”: they could only respond to specific …
Four steps SMBs can take to close SaaS security gaps
Despite economic volatility and tighter budgets, adoption of software as a service (SaaS) continues to increase. Gartner forecasts a 16.8% growth for SaaS in 2023 as companies …
Application and cloud security is a shared responsibility
Cloud environments and application connectivity have become a critical part of many organizations’ digital transformation initiatives. In fact, nearly 40% of North American …
Attack surface management (ASM) is not limited to the surface
Another year of high-profile cyberattacks, another year of beating the cybersecurity drums. Clearly, we’re missing a few notes. Attack surface management (ASM) is a make or …
The risks and benefits of starting a vCISO practice
There is a definite trend of MSPs shifting into security. There are a number of very good reasons for this, including the fact that other services traditionally offered are …
Steps CISA should take in 2023
Recently, I was asked to imagine that I had been granted an hour with top officials at the Cybersecurity and Infrastructure Security Agency (CISA) – what advice would I …
Reimagining zero trust for modern SaaS
The concept of zero trust – as a way to improve the security of and access to an organization’s network, systems, and data – has gained traction in recent …
February 2023 Patch Tuesday forecast: A Valentine’s date
Patch Tuesday falls on Valentine’s Day this year but will it be a special date? While there have been ongoing cyber-attacks of all kinds, it has been relatively quiet on the …
The dangers of unsupported applications
Are ageing technologies and infrastructure threatening the security and productivity of your business? A recent investigation by the National Audit Office (NAO – UK’s …